The vAMP Attack:
Taking Control of Cloud Systems
via the Unified Packet Parser

Virtual switches are a crucial component of cloud operating
systems that interconnect virtual machines in a flexible
manner. They implement complex network protocol parsing
in the unified packet parser—parsing all supported packet
header fields in a single pass—and are commonly co-located
with the virtualization layer. We find that this significantly
reduces the barrier for low-budget attackers to launch
high-impact attacks in the cloud. This leads us to introduce the
virtual switch attacker model for packet parsing, in short the
vAMP attack. Using OpenStack, a cloud operating system,
and Open vSwitch, a virtual switch, we demonstrate that current
virtual switch designs cannot withstand vAMP, giving
a weak attacker full control of the cloud in a matter
of minutes.